Qt3 infected with spyware?

Waste isn’t the issue. Most of the people who are mentioning it here are not members of the QT3 Waste Network.

I had this happen on a borrowed machine at a client site this week. I’m web surfing while waiting for a teleconference to get started, and I had windows open for a local newspaper (www.pasadenastarnews.com) and Qt3. I later realized IE was set to Install on Demand, so one of those two sites hit the machine with a pile of malware. Begin2search may have been the start of it, but sais.exe and several others were slapped on there too. I installed Search & Destroy and it found 17 different things, and I know none of them had been there before because I had been toying with the machine earlier and knew the few processes that had been running. It took a little time, but I think I got all the stuff off. BTW, Begin2search has an uninstall tool on their website, and that actually worked.

I had been assuming it was the newspaper site that did it, since I knew Chet would never knowingly allow banners like that. I’m also going to have a chat with the client’s IT people about that default IE setting.

These are the a subset of same banners running on poe-news, no one there is reporting anything there. I am now using ie here and getting nothing. Lloyd you have all kinds of crazy stuff running that doesn’t hit on any spyware site, you might have been hacked or being used as a zombie - something more than what a normal website download would give you.

I am not finding Begin2search or its parent company in any of the ad selections. I emailed the ad company, but they will most likely not get back to me until monday.

Are you guys patched and uptodate? Not that, that makes a difference to the types of banners running here, but with SP2 there should be no issue.

Chet

I also had a spyware bundle install from here-on Sept 24th if that’s of any help. There was no download prompt given-my virus scanner suddenly went off and suddenly pop-ups started going off all over until the browser crashed. I know Bargain Buddy was one of the programs and I still have one called “CleverIEHooker” that Spybot and Ad-Aware haven’t been able to clean off yet despite repeated attempts.

Sadly I don’t recall what banner or thread I was on when it ocurred but can definitely confirm that it was through this site.

On the bright side, since I haven’t been able to totally clean IE I’ve finally started giving Mozilla a try :)